General

  • Target

    ee7511ec3e80badb206f4832340a732bcef7014dcc7c49f5afbfa14fc659d585.bin

  • Size

    1.2MB

  • Sample

    230505-y6d54scf65

  • MD5

    b21e8e149fec0bf0da510921be20e32b

  • SHA1

    08bf87317c732188ab0f20dc58aa943b505c942c

  • SHA256

    ee7511ec3e80badb206f4832340a732bcef7014dcc7c49f5afbfa14fc659d585

  • SHA512

    1a72b57b85376e9931de64f75cc607192ae2a0df62f0d75cad71067e2e248defbb71f6dfe45aa8c07d485a8f0ad376efe52a0663ff6567ab40329fa65221efa5

  • SSDEEP

    24576:B0zwEbpelsnjkyfxpcP7kJxnSnF83PRiGBgy3rIgBQzbypT6bg6gO:B0zNUYjkCcPoJgK3ss+y4bN

Targets

    • Target

      ee7511ec3e80badb206f4832340a732bcef7014dcc7c49f5afbfa14fc659d585.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
